Page 1 of 3 123 LastLast
Results 1 to 15 of 43
  1. #1

    Server Hacked - by niroda

    My VPS with EUK Host got hacked yesterday. All sites on it have had all content deleted and replaced with a hacked message. EUK can't restore any of the sites as their backups were also compromised. Luckily I have a recent backup of the most important site that I DL'd on Saturday. The rest of the sites have no backups, sadly.

    I am interested to know if I have been misled with the circumstances of the hack. The support people tell me that it's my fault and my problem as my root password is weak (it was not weak at all) plus I was running wordpress sites and that's where the breach took place. I was under the impression that sites COULD get hacked but that hack could not gain access to the server itself. This was my understanding anyway. Also, I note that their VPS Node : EL58 is under attack and that "Mar 05, 2012 Urgent Maintenance : backup4 server". Coincidence that all my sites have no backups? Any advice on what I can or should do? Suspect you will all say it's my own fault for not taking backups for the other sites etc!

    I will be looking for a new host. I have been messed about all day. Promised info, calls and ticket updates. Just had one of the chat operators getting quite terse with me too. EUK were OK but the end of last year and this year have been terrible.

    Can anyone recommend a good UK host? I do need it to be UK though.

  2. #2
    Join Date
    Mar 2009
    Location
    Miami, Florida
    Posts
    18,864
    Quote Originally Posted by Jezsez View Post
    My VPS with EUK Host got hacked yesterday. All sites on it have had all content deleted and replaced with a hacked message. EUK can't restore any of the sites as their backups were also compromised. Luckily I have a recent backup of the most important site that I DL'd on Saturday. The rest of the sites have no backups, sadly.

    I am interested to know if I have been misled with the circumstances of the hack. The support people tell me that it's my fault and my problem as my root password is weak (it was not weak at all) plus I was running wordpress sites and that's where the breach took place. I was under the impression that sites COULD get hacked but that hack could not gain access to the server itself. This was my understanding anyway. Also, I note that their VPS Node : EL58 is under attack and that "Mar 05, 2012 Urgent Maintenance : backup4 server". Coincidence that all my sites have no backups? Any advice on what I can or should do? Suspect you will all say it's my own fault for not taking backups for the other sites etc!

    I will be looking for a new host. I have been messed about all day. Promised info, calls and ticket updates. Just had one of the chat operators getting quite terse with me too. EUK were OK but the end of last year and this year have been terrible.

    Can anyone recommend a good UK host? I do need it to be UK though.
    Hello,
    When a provider posts that a server is under attack, it typically involves a DDoS attack, not a defacement. May I ask if you were running a control panel and using a strong password. It almost sounds like the attacker managed to get your root codes.
    Keith I Myers
    CEO and Founder - RemoteRAM.com
    The world leader in Cloud Based RAM
    KMyers.me The rantings of a lunatic

  3. #3
    If their backups got compromised too, doesn't that mean their server was hacked? If that is the case, it wasn't your fault at all. Seems they need to do server audits a bit more often and setup their servers better.

  4. #4
    Quote Originally Posted by KMyers View Post
    Hello,
    When a provider posts that a server is under attack, it typically involves a DDoS attack, not a defacement. May I ask if you were running a control panel and using a strong password. It almost sounds like the attacker managed to get your root codes.
    Yes, it has control panel. I would say that the password was very strong.

    It's alwasy possible that somehow my security has been compromised locally. I would be surprised though. Why go for the server (just one server ((so far!!)) at that) and not the paypal account or something worse? My local machine has good security but I doubt it would stop something new or really good, if any security would.

  5. #5
    Join Date
    Mar 2009
    Location
    Miami, Florida
    Posts
    18,864
    Quote Originally Posted by JoeBates View Post
    If their backups got compromised too, doesn't that mean their server was hacked? If that is the case, it wasn't your fault at all. Seems they need to do server audits a bit more often and setup their servers better.
    That may not be the case. A backup server is often a separate machine. I not see if they did backups of the VMs so I asked and confirmed they do
    Keith I Myers
    CEO and Founder - RemoteRAM.com
    The world leader in Cloud Based RAM
    KMyers.me The rantings of a lunatic

  6. #6
    Quote Originally Posted by JoeBates View Post
    If their backups got compromised too, doesn't that mean their server was hacked? If that is the case, it wasn't your fault at all. Seems they need to do server audits a bit more often and setup their servers better.
    That was my thought too. But they are merely saying that their backup was taken after the hack. Conveniently.

  7. #7
    Join Date
    Jun 2003
    Location
    Spain
    Posts
    4,127
    Quote Originally Posted by Jezsez View Post

    Can anyone recommend a good UK host? I do need it to be UK though.
    FutureHosting without a doubt!

  8. #8
    Join Date
    Jun 2011
    Location
    Internet
    Posts
    2,505
    Quote Originally Posted by Jezsez View Post
    That was my thought too. But they are merely saying that their backup was taken after the hack. Conveniently.
    Was your VPS control panel password where you start the backup the same as any other that you use elsewhere?

  9. #9
    Quote Originally Posted by Jezsez View Post
    That was my thought too. But they are merely saying that their backup was taken after the hack. Conveniently.
    That would make more sense, that sucks!

  10. #10
    Quote Originally Posted by Flapadar View Post
    Was your VPS control panel password where you start the backup the same as any other that you use elsewhere?
    I think it may be the same password for the mail server, possibly.

  11. #11
    Join Date
    Dec 2011
    Posts
    91
    Quote Originally Posted by Jezsez View Post
    My VPS with EUK Host got hacked yesterday. All sites on it have had all content deleted and replaced with a hacked message. EUK can't restore any of the sites as their backups were also compromised. Luckily I have a recent backup of the most important site that I DL'd on Saturday. The rest of the sites have no backups, sadly.

    I am interested to know if I have been misled with the circumstances of the hack. The support people tell me that it's my fault and my problem as my root password is weak (it was not weak at all) plus I was running wordpress sites and that's where the breach took place. I was under the impression that sites COULD get hacked but that hack could not gain access to the server itself. This was my understanding anyway. Also, I note that their VPS Node : EL58 is under attack and that "Mar 05, 2012 Urgent Maintenance : backup4 server". Coincidence that all my sites have no backups? Any advice on what I can or should do? Suspect you will all say it's my own fault for not taking backups for the other sites etc!

    I will be looking for a new host. I have been messed about all day. Promised info, calls and ticket updates. Just had one of the chat operators getting quite terse with me too. EUK were OK but the end of last year and this year have been terrible.

    Can anyone recommend a good UK host? I do need it to be UK though.

    Sounds fishy. Backups compromised!?! C'mon. Really? Only way to have compromised backups is not taking them frequently. Check out /var/log/messages. Compare root login IPs against your own. Unless that was compromised too.
    BigInstance.com
    [+] VPS - KVM HVM - 4GB & up
    [+] Dedicated CPU core(s)
    sales [@] biginstance.com

  12. #12
    Join Date
    Feb 2012
    Posts
    156
    Quote Originally Posted by XTremo View Post
    FutureHosting without a doubt!
    I was going to recommend them too, they also will be able to ensure that your VPS is up to date, secure, and give you proper managed support and security, along with monitoring. I would check 'em out.

  13. #13
    This is the incomprehensible support ticket reply:

    "As per your telephonic conversation with Suzanne, we have tried to restored data from our backup system but unfortunately, there are the same files available as they are on your VPS.

    We can do one thing, if sites on your VPS other than the sites available in backup with you are not important for you then we can create a new VPS for you with the same configuration, apply all the security tweaks and then restore important sites backup on it. This way, you will get secured VPS with all important data."

    Seems to me that the last VPS was not secure, by their own admission.

    Thanks for the recommendation on host - but it needs to be a UK host I'm afraid.

  14. #14
    Join Date
    Apr 2010
    Location
    North Carolina
    Posts
    430
    Quote Originally Posted by Jezsez View Post
    Seems to me that the last VPS was not secure, by their own admission.
    Is this a managed VPS? If not, securing your VPS is your job.

  15. #15
    Quote Originally Posted by Jezsez View Post
    My VPS with EUK Host got hacked yesterday. All sites on it have had all content deleted and replaced with a hacked message. EUK can't restore any of the sites as their backups were also compromised. Luckily I have a recent backup of the most important site that I DL'd on Saturday. The rest of the sites have no backups, sadly.

    I am interested to know if I have been misled with the circumstances of the hack. The support people tell me that it's my fault and my problem as my root password is weak (it was not weak at all) plus I was running wordpress sites and that's where the breach took place. I was under the impression that sites COULD get hacked but that hack could not gain access to the server itself. This was my understanding anyway. Also, I note that their VPS Node : EL58 is under attack and that "Mar 05, 2012 Urgent Maintenance : backup4 server". Coincidence that all my sites have no backups? Any advice on what I can or should do? Suspect you will all say it's my own fault for not taking backups for the other sites etc!

    I will be looking for a new host. I have been messed about all day. Promised info, calls and ticket updates. Just had one of the chat operators getting quite terse with me too. EUK were OK but the end of last year and this year have been terrible.

    Can anyone recommend a good UK host? I do need it to be UK though.

    This happened to a client of mine. They were using Avail[-bleep-]. Their VPS software had a vulnerability in it and all of my client's domains were hacked. Had nothing to do with negligence of my client. No weak passwords, vulnerable software, etc.

Page 1 of 3 123 LastLast

Similar Threads

  1. Can my blog be hacked on shared hosting if my neighbour is hacked?
    By zobe in forum Hosting Security and Technology
    Replies: 17
    Last Post: 03-10-2011, 04:09 AM
  2. Server hacked : how can I find out how they are uploading files to my server?
    By listenmirndt in forum Hosting Security and Technology
    Replies: 4
    Last Post: 04-14-2007, 12:44 PM
  3. Replies: 6
    Last Post: 08-24-2006, 04:11 PM
  4. Plesk server hacked, hiring to move clients to new server
    By DaveNET in forum Employment / Job Offers
    Replies: 3
    Last Post: 07-30-2005, 09:56 PM
  5. Replies: 5
    Last Post: 08-05-2001, 10:50 PM

Related Posts from theWHIR.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •